[XFRM] IPV6: Support Mobile IPv6 extension headers sorting.

Support Mobile IPv6 extension headers sorting for two transformation policies.
Mobile IPv6 extension headers should be placed after IPsec
transport mode, but before transport AH when outbound.

Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
index e0b8f3c..6269584 100644 (file)
--- a/net/ipv6/xfrm6_state.c
+++ b/net/ipv6/xfrm6_state.c
@@ -173,7 +173,19 @@ __xfrm6_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n)
        if (j == n)
                goto end;
 
-       /* XXX: Rule 2: select MIPv6 RO or inbound trigger */
+       /* Rule 2: select MIPv6 RO or inbound trigger */
+#ifdef CONFIG_IPV6_MIP6
+       for (i = 0; i < n; i++) {
+               if (src[i] &&
+                   (src[i]->props.mode == XFRM_MODE_ROUTEOPTIMIZATION ||
+                    src[i]->props.mode == XFRM_MODE_IN_TRIGGER)) {
+                       dst[j++] = src[i];
+                       src[i] = NULL;
+               }
+       }
+       if (j == n)
+               goto end;
+#endif
 
        /* Rule 3: select IPsec transport AH */
        for (i = 0; i < n; i++) {
@@ -226,7 +238,19 @@ __xfrm6_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n)
        if (j == n)
                goto end;
 
-       /* XXX: Rule 2: select MIPv6 RO or inbound trigger */
+       /* Rule 2: select MIPv6 RO or inbound trigger */
+#ifdef CONFIG_IPV6_MIP6
+       for (i = 0; i < n; i++) {
+               if (src[i] &&
+                   (src[i]->mode == XFRM_MODE_ROUTEOPTIMIZATION ||
+                    src[i]->mode == XFRM_MODE_IN_TRIGGER)) {
+                       dst[j++] = src[i];
+                       src[i] = NULL;
+               }
+       }
+       if (j == n)
+               goto end;
+#endif
 
        /* Rule 3: select IPsec tunnel */
        for (i = 0; i < n; i++) {